Security Basics mailing list archives

Re: Where to start?

From: flyingmunk () gmail com
Date: 31 May 2007 14:15:15 -0000

It's very difficult to start out a career as a pen tester. You will need some security knowledge and 
programming/scripting background.

Being a pen tester is much more than being able to operate a tool, such as nmap or metasploit. To be able to progam in 
C is always a good start, but with the advent of Python and Ruby, there are 'easier' ways to create code.

Additionally, I would suggest you become familiar with web servers and sql servers. A majority of pen test are 
performed against web/db/app server environments. Having knowledge of these environments and their weaknesses will be 
helpful.

Study the forums also, you'll pick up lots of helpful hints and techniques that individuals use to exploit various 
servers and application weaknesses. 

Also, find a mentor. The best method to understand what path you need to follow, is to observer someone who already 
understands this discipline.

Chris

Current thread:

Where to start? graciejj_82 (May 30)
- RE: Where to start? Johnson, Joseph (May 31)
- Re: Where to start? Chris Halverson (May 31)
- <Possible follow-ups>
- Re: Where to start? flyingmunk (May 31)
- Re: Where to start? krymson (May 31)